UNCLASSIFIED - NO CUI

Mitigate automountServiceAccountToken findings

Justen Mehl requested to merge harden-automounting into main

Relates #31

This MR includes a default value modification in tempo/chart/values.yaml to disable API token auto-mounting for Pods in the Tempo namespace.

This essentially means that containers in the tempo-tempo-0 Pod have had their Kubernetes API token (mounted at /var/run/secrets/kubernetes.io/serviceaccount/token) revoked.

My manual testing of the package according to DEVELOPMENT_MAINTENANCE.md has shown no loss of functionality - but if the codeowners are aware of any potential breakage, please let me know!

This is in support of epic &146.

Edited by Ryan Garcia
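
One way to check the effect of a change like this, as an added example that is not part of the merge request or the Tempo chart: Kubernetes uses the Pod's `automountServiceAccountToken` if it is set, otherwise the ServiceAccount's, otherwise it defaults to mounting the token, and the script below applies that rule to a pod and ServiceAccount listing. The ServiceAccount name `tempo-tempo` and every pod other than `tempo-tempo-0` are constructed sample data.

```python
import json
import sys


def effective_automount(pod, service_accounts):
    """Pod-level setting wins; else the ServiceAccount's; else the default (True)."""
    spec = pod.get("spec", {})
    if spec.get("automountServiceAccountToken") is not None:
        return spec["automountServiceAccountToken"]
    key = (pod["metadata"]["namespace"], spec.get("serviceAccountName", "default"))
    value = service_accounts.get(key, {}).get("automountServiceAccountToken")
    return True if value is None else value


def pods_mounting_token(listing):
    """Return sorted namespace/name of every Pod that still gets an API token."""
    items = listing["items"]
    sas = {(i["metadata"]["namespace"], i["metadata"]["name"]): i
           for i in items if i["kind"] == "ServiceAccount"}
    return sorted("{namespace}/{name}".format(**p["metadata"])
                  for p in items
                  if p["kind"] == "Pod" and effective_automount(p, sas))


def _obj(kind, name, automount=None, sa=None):
    """Build a minimal constructed object shaped like kubectl's JSON output."""
    obj = {"kind": kind, "metadata": {"namespace": "tempo", "name": name}}
    body = obj.setdefault("spec", {}) if kind == "Pod" else obj
    if automount is not None:
        body["automountServiceAccountToken"] = automount
    if sa:
        body["serviceAccountName"] = sa
    return obj


# Constructed sample; "tempo-tempo" as the ServiceAccount name is an assumption.
SAMPLE = {"kind": "List", "items": [
    _obj("ServiceAccount", "tempo-tempo", automount=False),
    _obj("ServiceAccount", "default"),
    _obj("Pod", "tempo-tempo-0", sa="tempo-tempo"),                 # inherits False
    _obj("Pod", "override-pod", automount=True, sa="tempo-tempo"),  # Pod overrides SA
    _obj("Pod", "legacy-pod", sa="default"),                        # nothing set
    _obj("Pod", "optout-pod", automount=False, sa="default"),       # Pod opts out
]}

if __name__ == "__main__":
    # Optional argument: a file saved from
    # `kubectl get pods,serviceaccounts -n tempo -o json`.
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    print("\n".join(pods_mounting_token(data)) or "no pods mount an API token")
```

A pod that sets `automountServiceAccountToken: true` in its own spec still receives a token even when its ServiceAccount disables it, which is why the check evaluates both objects.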
